ALT-BU-2022-5126-1
Branch p10 update bulletin.
Package firefox-esr updated to version 91.9.1-alt0.p10.1 for branch p10 in task 300559.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2022-1529
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
Modified: 2024-11-21
CVE-2022-1802
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
Package xfce4-settings updated to version 4.16.2-alt5 for branch p10 in task 300977.
Closed bugs
Черный экран при выходе из syspend при выключенном переключателе "настраивать новые дисплеи при подключении"
Package alterator-lookout updated to version 2.8.1-alt1 for branch p10 in task 301029.
Closed bugs
min-height и min-width